exploitDog

CVE-2021-33650

Опубликовано: 27 июн. 2022

Источник: nvd

CVSS3: 7.5

CVSS2: 5

EPSS Низкий

Описание

When performing the inference shape operation of the SparseToDense operator, if the number of inputs is less than three, it will access data outside of bounds of inputs which allocated from heap buffers.

Ссылки

https://gitee.com/mindspore/community/blob/master/security/security_advisory_list/mssa-2021-005_en.md
Patch
Third Party Advisory
https://gitee.com/mindspore/community/blob/master/security/security_advisory_list/mssa-2021-005_en.md
Patch
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:mindspore:mindspore:*:*:*:*:*:openeuler:*:*

Версия от 1.2.0 (включая) до 1.3.0 (исключая)

EPSS

Процентиль: 54%

0.00316

Низкий

7.5 High

CVSS3

5 Medium

CVSS2

Дефекты

CWE-125

CWE-125

Связанные уязвимости

GHSA-84w2-mxww-qhfg

CVSS3: 7.5

github

больше 3 лет назад

When performing the inference shape operation of the SparseToDense operator, if the number of inputs is less than three, it will access data outside of bounds of inputs which allocated from heap buffers.

EPSS

Процентиль: 54%

0.00316

Низкий

7.5 High

CVSS3

5 Medium

CVSS2

Дефекты

CWE-125

CWE-125